CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
92.6%
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote
attackers to bypass file type checks and possibly execute programs via a
(1) file:/// or (2) resource: URI with a dangerous extension, followed by a
NULL byte (%00) and a safer extension, which causes Firefox to treat the
requested file differently than Windows would.